Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e33382e302f32342d3234203d3e20313939363534.roa
File: 3134362e31392e33382e302f32342d3234203d3e20313939363534.roa (raw, json)
Hash identifier: KCPy6uAOav6R+jmrUTgTpbZkeje3mnKOXa6FXDMEhhE=
Subject key identifier: 47:58:3D:7A:D4:0D:DD:8A:E1:DD:27:EB:BF:D9:9A:4A:4F:8B:8F:8A
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 2C9009A261E1F6C087BEEE40A76A8BC9076B993E
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e33382e302f32342d3234203d3e20313939363534.roa
Signing time: Sat 25 Oct 2025 18:55:10 +0000
ROA not before: Sat 25 Oct 2025 18:50:10 +0000
ROA not after: Sat 24 Oct 2026 18:55:10 +0000
asID: 199654
IP address blocks: 146.19.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 12:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:90:09:a2:61:e1:f6:c0:87:be:ee:40:a7:6a:8b:c9:07:6b:99:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Oct 25 18:50:10 2025 GMT
Not After : Oct 24 18:55:10 2026 GMT
Subject: CN=47583D7AD40DDD8AE1DD27EBBFD99A4A4F8B8F8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a9:4d:5c:37:8c:59:8b:42:90:8b:2d:42:24:
a7:9e:58:92:a4:58:bb:e7:9f:d2:b0:f8:50:b6:ba:
8b:17:05:02:6e:23:60:84:89:84:28:46:41:d1:54:
27:ff:db:12:03:a4:90:d9:ba:6a:20:37:5a:4c:c2:
7a:43:05:da:3f:54:04:12:bf:fb:5c:56:18:f2:12:
b5:9d:ba:29:e6:7f:5a:26:36:fa:68:cd:83:e7:2c:
f4:db:bf:11:6e:30:47:6c:d9:6f:4d:85:f2:75:fb:
f0:2a:7c:af:84:48:fb:65:56:95:74:e3:b9:88:b7:
7a:31:06:e0:e2:9d:25:62:3e:fb:e5:5d:7f:70:2b:
0b:34:7d:cd:fd:11:ed:e7:79:2a:5a:94:cc:5f:6a:
d1:00:5c:df:48:17:a0:c8:36:65:f3:ef:e9:1c:44:
bb:73:8b:b9:31:b7:9d:01:a1:a6:80:13:86:31:92:
a0:e4:75:bd:f6:f1:41:75:6a:49:31:df:7f:01:41:
c8:11:f6:4b:85:37:af:5f:20:72:45:c6:2e:c6:d0:
3c:b8:44:f4:74:fc:6e:8d:30:49:aa:cd:42:a1:d0:
4e:74:75:b8:84:6d:26:68:1e:6a:09:a5:4c:6b:a0:
f5:89:5e:27:96:c4:97:12:3e:c7:7a:45:05:c5:24:
ef:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:58:3D:7A:D4:0D:DD:8A:E1:DD:27:EB:BF:D9:9A:4A:4F:8B:8F:8A
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3134362e31392e33382e302f32342d3234203d3e20313939363534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.38.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:62:7f:72:63:b6:c4:b8:d0:d3:47:f1:89:b9:05:59:97:46:
f8:2f:75:4f:7b:43:f2:18:76:56:18:76:4a:34:3d:29:10:0e:
28:96:bb:c8:23:f8:cb:76:55:71:7d:64:17:ba:2d:16:45:66:
91:9e:32:06:15:96:07:f8:11:85:5f:aa:59:91:6f:dc:82:2c:
26:ae:1a:b6:ea:cc:3f:ca:b7:8f:fd:9d:6f:51:75:ae:71:3c:
50:e7:7a:31:25:a9:eb:c0:c8:c1:91:de:92:bc:2a:5e:66:c1:
4d:b1:7b:22:da:6a:63:1a:7f:02:0a:eb:29:de:f7:61:73:85:
98:28:3a:91:8a:14:80:60:56:37:af:c1:91:1a:eb:26:01:ea:
24:d4:16:e6:60:26:90:64:a1:7e:fb:6e:4f:02:e3:ef:f9:5a:
00:7b:47:17:f5:48:ba:8a:d9:40:1f:f0:82:ba:a3:aa:4d:70:
b0:5a:7c:26:25:c1:70:82:f5:04:73:a2:aa:ca:72:17:76:22:
b4:d0:a2:da:9c:01:ea:e5:0b:7a:c6:75:9d:1a:b7:05:12:a6:
51:3f:d4:d4:3e:7b:5c:d2:c8:9b:d2:ad:6d:19:8a:15:85:10:
ff:fd:2d:ff:12:8e:e2:63:ee:7e:78:72:2b:5f:8b:ca:30:82:
29:85:5d:d2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULJAJomHh9sCHvu5Ap2qLyQdrmT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTEwMjUxODUwMTBaFw0yNjEwMjQxODU1MTBaMDMxMTAvBgNV
BAMTKDQ3NTgzRDdBRDQwREREOEFFMUREMjdFQkJGRDk5QTRBNEY4QjhGOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdqU1cN4xZi0KQiy1CJKeeWJKk
WLvnn9Kw+FC2uosXBQJuI2CEiYQoRkHRVCf/2xIDpJDZumogN1pMwnpDBdo/VAQS
v/tcVhjyErWduinmf1omNvpozYPnLPTbvxFuMEds2W9NhfJ1+/AqfK+ESPtlVpV0
47mIt3oxBuDinSViPvvlXX9wKws0fc39Ee3neSpalMxfatEAXN9IF6DINmXz7+kc
RLtzi7kxt50BoaaAE4YxkqDkdb328UF1akkx338BQcgR9kuFN69fIHJFxi7G0Dy4
RPR0/G6NMEmqzUKh0E50dbiEbSZoHmoJpUxroPWJXieWxJcSPsd6RQXFJO/nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUR1g9etQN3Yrh3Sfrv9maSk+Lj4owHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzNDM2MmUzMTM5MmUzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzOTM5MzYzNTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khMmMA0GCSqGSIb3DQEBCwUAA4IBAQDCYn9yY7bEuNDTR/GJuQVZl0b4L3VPe0Py
GHZWGHZKND0pEA4olrvII/jLdlVxfWQXui0WRWaRnjIGFZYH+BGFX6pZkW/cgiwm
rhq26sw/yreP/Z1vUXWucTxQ53oxJanrwMjBkd6SvCpeZsFNsXsi2mpjGn8CCusp
3vdhc4WYKDqRihSAYFY3r8GRGusmAeok1BbmYCaQZKF++25PAuPv+VoAe0cX9Ui6
itlAH/CCuqOqTXCwWnwmJcFwgvUEc6KqynIXdiK00KLanAHq5Qt6xnWdGrcFEqZR
P9TUPntc0sib0q1tGYoVhRD//S3/Eo7iY+5+eHIrX4vKMIIphV3S
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:12:32 2025 by rpki-client